Is it even remotely possible to enhance your cybersecurity reputation without supporting content? To be more specific, as your brand is facing a cyber crisis, can it be restored without aggressively having compelling and positive content created? This is, after all, about information technology.
If you don’t toot your own horn, don’t complain there’s no music.
Fighting The Negativity
To be sure, the world can be a really negative place. And when it comes to social media and even traditional/legacy media, it can be excessively harsh. Overcoming that noise is not going to come easy, either. There is no magic press release. There is no single string of comments made by a company spokesperson that will enhance or restore the dignity of a perceived cybersecurity failure. There is only the truth that exists in the mind of the market.
What is out there in abundance, however, is a seemingly never ending string of actors who wish to elevate their own brand by simply tearing yours down. And while their cheap shots are just that (cheap), the scale exceptionally well. As such, fighting them off increasingly requires levels of effort that until a few years ago would have been dismissed and unnecessary. But of course, thanks largely to social media, those times have changed.
Yesteryear’s Response: The Standard Breach Response Template
There are now countless crisis management pieces of content online. So much so, in fact, that the value of a wireframe strategic plan is basically zero. If you want great advice, just go Google it and download whatever you like. Even on this site we offer a free Cybersecurity Playbook for Marketing. It’s free because we know all too well that, as a mere template, it’s really only worth the price of admission: your email address.
So the standard responses are commodities, free even. They are the equivalent of the parent in the bleachers yelling down to the coach what the next play should be. They are simply nuggets of advice, lacking the range and depth of what the coaching staff is paid to deliver. Valuable? Perhaps, to a point. But it’s hard not to see that the real value is derived from being deep, not shallow.
And so it is with any template/playbook that hasn’t been thoroughly developed, modified, and then coached as deeply as it should be. When it comes to cybersecurity, it’s the depth that will ultimately recover the brand. But if there’s one thing that is regularly left out of the templates, it’s the specialized content that must be created. Hardly surprising though, given that the crisis strategists are seldom the tactical operators / your players in the game.
Gap Analysis: Content Writing
The #1 gap in any cyber crisis strategic plan is, unsurprisingly, who all will be writing (copywriting) the truly impactful cybersecurity-specific content? Piece by piece.
- Blog Posts: Backed by a content calendar, who is generating the posts and landing them where they will have the most impact?
- Social Media Posts: Twitter, LinkedIn, Facebook, Instagram. Not only do the seemingly best perceived security executives have an active presence on at least Twitter and LinkedIn, but some of what is written there could, at times, benefit from being sponsored content to highly selected audiences.
- PowerPoint Presentations: CIOs and CISOs alike seldom have the time to build highly visual presentations. After all, as with a game-changing blog posts, investing the time necessary to get this right could easily take an entire day. In many cases, several days. It’s hard enough to do this when things are calm. But if you intend to get them out there in front of an audience, it’s going to take more than a standard template full of jargon and text to move the audience to the champion column.
- Influencer Marketing Content: Mapping out who the key influencers are then specifically targeting them through various channels is as much grunt work as it is an art form. It’s about making a personal connection, such that the influencer will become your champion, even if just for a moment.
Of course an organization could find some creative security team members to put aside what they are already doing and instead start to work on marketing. Or the marketing team could assign some creative resources to go shadow some on the security team. And during peacetime, that can work…to a point. In any case, it’s all about closing that gap that so clearly exists between marketing and security.
But by far the top way to get this gap closed is by simply contracting a cybersecurity marketing firm/agency. This group, after all, fully understands the whole range of security and compliance terminology (GDPR, PCI, HIPAA, SOC 2, NIST, ISO27001, DLP, encryption…) and how to make them work in your favor. Yes, even when they are just works in progress. After all, a work in progress is still progress. This is cybersecurity content marketing at its finest.
All of the best cybersecurity executives we know, the real die-hard practitioners of their craft, regularly create content on social media and are widely perceived as being in the best security balanced organizations. Coincidence? We don’t think so. They upgraded their skills and now inspire better outcomes. Oh, and you might be surprised at just how many of them have much of their best content ghost written for them.